[openssl-users] different encrypted text for the same plain text message

Short, Todd tshort at akamai.com
Thu Jul 28 15:23:41 UTC 2016


Rich Salz basically told this guy to read Wikipedia about cryptography… :)
--
-Todd Short
// tshort at akamai.com<mailto:tshort at akamai.com>
// "One if by land, two if by sea, three if by the Internet."

On Jul 28, 2016, at 11:15 AM, Benjamin Kaduk <bkaduk at akamai.com<mailto:bkaduk at akamai.com>> wrote:

There are several places where a per-connection random input is introduced, with a specific goal of making encryptions of the same plaintext produce different ciphertexts (as well as other benefits).  If a plaintext always produced the same ciphertext, then an attacker could make a dictionary of different observed ciphertexts and know when the same plaintext was being repeated, which violates the confidentiality property desired from the protocol.

-Ben

On 07/28/2016 06:19 AM, R-D intern wrote:

Hello,
I am using ECDSA-ECDHE-AES-SHA cipher suite for client -server security.I
tried understanding the mechanism handshake mechanism. What still quizzes me
is ; communication between a specific client -server for a specific session
generates different encrypted text for the same plain text message. What
leads  to this? Can anybody elaborate?
Please reply.
Thanks and regards,
Suman



--
View this message in context: http://openssl.6102.n7.nabble.com/different-encrypted-text-for-the-same-plain-text-message-tp67595.html<https://urldefense.proofpoint.com/v2/url?u=http-3A__openssl.6102.n7.nabble.com_different-2Dencrypted-2Dtext-2Dfor-2Dthe-2Dsame-2Dplain-2Dtext-2Dmessage-2Dtp67595.html&d=DQMD-g&c=96ZbZZcaMF4w0F4jpN6LZg&r=QBEcQsqoUDdk1Q26CzlzNPPUkKYWIh1LYsiHAwmtRik&m=bXJZ2KhOMl-dRHmkx3vDqeINnhhmqrdHUExGJDpoZ_E&s=aB8p8X69xD0FHcMAtF6HiF1qymHpB5kXmLjGMOACGFg&e=>
Sent from the OpenSSL - User mailing list archive at Nabble.com<http://nabble.com>.


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160728/728b9c38/attachment.html>


More information about the openssl-users mailing list